As a vendor, we always strongly recommend that our customers run the current version of our products with the latest security patches installed. As security practitioners, we all know that running up-to-date software is an essential component of defending computers against the most common forms of attack. Recently, this belief was shaken during my first experience with electronic voting.
Last weekend, the French elected their representatives to the National Assembly. I hold dual citizenship, one of which is French. Having lived in the United States for many years, I qualified for a pilot program run by the French government that allows French citizens living outside of France to vote over the Internet for their representative in the National Assembly.
Electronic voting has been the subject of many debates and research among the security community. However, my bad experience with electronic voting had nothing to do with elaborate theories of statistics or anonymity, but everything to do with basic security measures.
The process started well:
First, French citizens living abroad were invited to register to vote over the Internet. I did so by logging in to my account on the French Consulate website.
Next, I received a confidential ID by postal mail along with a password by email. The email was not encrypted, but the ID in the letter was in fact a second password. The password was complex and physically protected with a metallic sticker. The use of two secrets sent independently through two different communication channels indicated that some thought had been given to security.
The focus on security was confirmed when I connected to vote on the government website. As a first step in the voting process, I was required to have my configuration checked in order (according to the website) to verify that my computer met the minimum security requirements for voting over the Internet.
The outcome of the verification astonished me. My configuration did not allow me to vote “in total security” on account of the configuration of my Java module. I could not resist and clicked on the link that offered me assistance in addressing the issue. I was surprised to see that even though I was running the latest version of Java (Java 1.7), the site required me to disable it and to downgrade to the previous version (Java 1.6). In short, I had to downgrade to an older version to get “total security”.
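The post does not say how the site's configuration check was implemented, so the following is an added illustration, not code from the voting site, the French government or Oracle. It assumes one plausible cause of the behaviour described above: a client-side check that pins an exact Java version rather than enforcing a minimum. The version strings are constructed samples in Java's old `1.x.y_update` format, and the function names are hypothetical. It also shows why versions must be compared numerically component by component rather than as strings.

```javascript
// Added example: two ways to write a Java version gate for a web client.
// Policy 1 pins an exact version (the assumed cause of the forced downgrade);
// policy 2 enforces a minimum, which is what a "minimum security requirement"
// should mean. All version strings here are constructed samples.

// Parse "1.7.0_45" into numeric components [1, 7, 0, 45]. A missing patch or
// update number counts as 0. Returns null for input that is not a version.
function parseJavaVersion(s) {
  const m = /^(\d+)\.(\d+)(?:\.(\d+))?(?:_(\d+))?$/.exec(String(s).trim());
  if (!m) return null;
  return [m[1], m[2], m[3] || "0", m[4] || "0"].map(Number);
}

// Component-wise comparison: -1, 0 or 1. Plain string comparison is wrong for
// versions: as strings "1.7.0_9" > "1.7.0_45" because "9" > "4".
function compareVersions(a, b) {
  const pa = parseJavaVersion(a);
  const pb = parseJavaVersion(b);
  if (!pa || !pb) throw new Error("unparseable version string");
  for (let i = 0; i < 4; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// Policy 1 (assumed, not confirmed by the post): only the pinned version
// passes, so anyone who applied a newer security update is told to downgrade.
function exactPinAllows(installed, pinned) {
  return compareVersions(installed, pinned) === 0;
}

// Policy 2: anything at or above the minimum passes, so applying the
// vendor's latest fixes never makes a client "less secure" in the gate's eyes.
function minimumAllows(installed, minimum) {
  return compareVersions(installed, minimum) >= 0;
}

// The check a site could run, returning a result and a message for the user.
// policy.kind is "exact" or "minimum"; policy.version is the reference version.
function checkConfiguration(installed, policy) {
  const ok = policy.kind === "exact"
    ? exactPinAllows(installed, policy.version)
    : minimumAllows(installed, policy.version);
  const message = ok
    ? `Java ${installed} accepted`
    : policy.kind === "exact"
      ? `Java ${installed} rejected: install exactly ${policy.version}`
      : `Java ${installed} rejected: ${policy.version} or newer is required`;
  return { allowed: ok, message };
}

// Constructed scenario matching the post: the client runs a 1.7 release,
// the site was written against 1.6. Run with: node versiongate.js
const installed = "1.7.0_05";
console.log(checkConfiguration(installed, { kind: "exact", version: "1.6.0_33" }).message);
console.log(checkConfiguration(installed, { kind: "minimum", version: "1.6.0_33" }).message);
```

The minimum-version policy still rejects a genuinely outdated client (for example `1.6.0_20` against a `1.6.0_33` floor), so it loses nothing the exact pin offered while never pushing a user toward an older release.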
Upon checking the Java website to see whether Oracle was making security recommendations different from the rest of the industry, I was reassured to see that, like every other vendor, Oracle recommends always using the latest version of Java because, among other things, it contains “vulnerability fixes”.
This marked the end of my electronic voting experiment. I did not proceed any further, and I did what millions of French citizens have done for centuries: I went to the polls, took a piece of paper with the name of the candidate for whom I wanted to vote, put it in a sealed envelope that I deposited in the ballot box, and voilà, no software downgrade or hanging chads to worry about.